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PURPOSE: To execute an RSA-type encipher system, suitable for 
the existing laws for managing the civil usage of chip card. 
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previously defined pattern stored in an EEPROM 5, the message is 
signed and outputted. When they do not match, operation is denied, 
and an error message is transmitted to a terminal. The respective 
instructions are stored in a ROM 4, and the message to be 
outputted is calculated by an arithmetic unit 6. 
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* NOTICES * 

JPO and NCI PI are not responsible for any 
damages caused by the use of this translation. 

1 .This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2,**** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Industrial Application] This invention relates to the message signature system activation equipment 
which performs the signature authentication function to the message signed [ on which were signed 
and it message-signature-functioned ] according to the RSA type protected data switching system. 
[0002] Especially this invention is applied to the field of cryptocommunication which uses a chip 
card. 

[0003] Moreover, this invention relates to a chip card equipped with the message signature system 
activation equipment explained in the 1st step while using a RSA type protected data switching 
system. 
[0004] 

[Description of the Prior Art] A RSA protected data switching system will be United States Patent 
specification 4405829th at the name of RIBESUTO, SHAMIA, and ray dolman sleeves in 1978. It is 
indicated by the number. This is based on the difficulty [ the large number "n" which are the two 
prime factors "p" and the product of "q" ] of factorization. According to this system, the message 
which should be dealt with is formed as a number of connection divided into fixed-length Brock who 
is under "n." Each block M is [Equation 1]. C=Me Mod(n) 

since — Code C is formed with the characteristic "e" obtained. It is shown that Mod (n) operates by 
the modulo "n" here. A recipient is [Equation 2] in order to decode Code C. It is [Equation 3] in 
order to perform Cd Mod(n) =MedMod(n) =M. It is necessary to get to know the secret characteristic 
"d" with which are satisfied of e-dMod{(p-l) (q-l)}=l. This system can also perform authentication 
of the signature of a message, and a signature. Message M is signed by the sender using a private key 
"d." 

[Equation 4] S=Md Mod(n) 

The recipient of the signed message S can attest this signature by using the public key "e" of a sender 
in this case. 

[Equation 5] Se Mod(n) =MdeMod (n) =M [0005] A public key cryptosystem (for example, RSA 
type code system) is realizable by low cost with the present when the chip card progressed 
technically, maintaining satisfaction **** actuation. In many countries, it has tried to build the 
national network based on the chip card technique over the application as which the high-level secret 
of EDI (data information interchange), an electronic payment system, a banking system, a health 
system, etc. is required. 

[0006] When the code system used is a powerful system in the semantics that the message 
enciphered by many persons other than the user of a private key cannot be decoded, there is a 
possibility that a part of capacity of these networks may be used for the criminal purpose. Therefore, 
under the current law, decode of the data of a citizen application is forbidden in principle. 
[0007] Therefore, another code system by which a signature function like GQ system indicated by 
the France patent specification No. 2620248 for which it applied to the DSS (digital signature 
specification) system or November 7, 1987 when specification was defined in the United States of 
America was limited must be used. 
[0008] 

[Problem(s) to be Solved by the Invention] However, when a RSA type code system maintains very 
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high secret level, and is widely used for many products, and it is wanted and a permission is granted, 
it has the advantage that it can use as a data decode system. 

[0009] Therefore, the purpose of this invention is offering the message signature system activation 
equipment which performs the code system of the RSA type which suited the current law which 
manages the citizen application of a chip card. 
[0010] 

[Means for Solving the Problem] For this reason, the message signature system activation equipment 
by this invention is characterized by equipping said message signature system activation equipment 
with a means to forbid the message encryption and the decryption function of a RSA type system of 
arbitration. 

[001 1] The 1st example of the message signature system activation equipment by this invention is 
equipped with a means to forbid the signature of the message according to said structure while it 
compares the structure beforehand determined according to the message of arbitration with the need 
of assembling with each message which should be signed. 

[0012] Therefore, it prevents that can prevent signing an inaccurate more effective code message, 
therefore imjust decode actuation is performed. Since a code logical message is not controllable, 
either, even when it can be predicted, this code logical message cannot follow said structure. 
[0013] Furthermore, the message signature system activation equipment by this invention outputs a 
display as a result of affirmation, when these two are in agreement, and when not in agreement, it is 
equipped with the means which can output a display as a result of negation while comparing the 
obtained message with said structure preferably, after attesting the signature of the signed message. 
[0014] therefore, the message obtained after such signature authentication ~ a result ~ a display — 
negation — it is — a case — **** — an outside — outputting — not having — consequently, an invader 
cannot use the "Taira (plane)" message to signature verification actuation, in order to encipher a 
message unjustly. 

[0015] The 2nd example of the message signature system activation equipment by this invention 
applies a compressibility function to all messages before a signature, outputs the message 
subsequently compressed and signed, and when required, it is equipped with a means to output the 
"Taira" message. 

[0016] Therefore, the unauthorized use of the signature fiinction as a decode function is impossible. 
The reason is that a compressibility function is applied to the first message. 
[0017] Furthermore, the message signature system activation equipment by this invention In this 
case, after attesting the signature of said message compressed and signed, while comparing the 
compressed message which is obtained with the output "Taira" message to which said 
compressibility function was applied first suitably When these two are in agreement, a display is 
outputted as a result of affirmation, and in not being in agreement, it has the means which can output 
a display as a result of negation. 

[0018] Therefore, the message obtained after such signature verification is not outputted when a 

result display is negation. 

[0019] 

[Example] The message signature system activation equipment by this invention is realized based on 
83C852 of the microcontroller protected fi-om a physical viewpoint, for example. Philips. It 
constitutes based on EEPROM5 which memorizes various data, such as ROM4 including the 
instruction of operation which carries out especially this invention for this kind shown in drawing 1 
of microcontroller 1 with a microprocessor 2 and RAM3, a public key of a card, and a public key of 
the third person who exchanges data. This microcontroller 1 consists of an arithmetic unit 6 for 
actuation with the need of realizing a code function, and a control unit 7 for an input/output 
connected also to input I/O of a microcontroller 1. Said component of a microcontroller 1 is 
interconnected by bus 8. 

[0020] A microprocessor 2 is connected also to the inputs R, C, and Vr of a microcontroller 1, and 
Vdd. Input R is used for receiving the reinitialization signal of a microprocessor 2. Input C receives 
an external clock signal. Input Vr A reference voltage signal is received. Moreover, Input Vdd 
receives a power-source signal. 

[0021] He can understand all other details firom the specification of quoted microcontroller 83C852. 
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[0022] As shown in drawin g 2 , ROM4 is equipped with Types Dl and D2 of the right relevant to 
the file name and this file of EEPROM5, tiie register that has Dn, and the pointer to this file of 
EEPROM5 to each data files Fl and F2 of EEPROM5, and Fn. Therefore, in order to perform 
actuation of the information on the data file of EEPROM5, it is necessary to make the 
microprocessor 2 ( drawing 1 ) which confirms whether the type of this data of operation was 
permitted pass data. 

[0023] For example, EEPROM5 is equipped with the file which has the file of the public key guided 
at equipment, and the private key of equipment. It is shown that the right relevant to this information 
cannot read these rights fi'om the exterior. Furthermore, according to this invention, the file of the 
guided key has the right which restricts access to the data to signature authentication actuation. 
[0024] The information memorized by equipment is protected according to the stmcture of such an 
EEPROM. 

[0025] In the 1st example of the message signature system activation equipment by this invention, all 
tiie "Taira" messages Mo need to follow the structure defined beforehand. In the example explained 
later, it selected so that it might have a specific value to the effective bit of 64 of each message Mo 
(magnitude of the message processed by the RSA system is made equal to 512 bits by this example.). 
The bit by which 64 was defined beforehand is memorized by EEPROM5. In order to promote the 
notation of such structure, it is advantageous to tell a regular configuration, "00-0", "11-1", and 
"0101-01" to EEPROM5. [ for example, ] 

[0026] However, by repeating the predetermined part of a message, i.e., a message, two or more 
times, for example, it selects so that known redundancy may be put on each message Mo. 
[0027] Drawin g 3 shows the flow chart of actuation of the 1st example of the message signature 
system activation equipment by this invention. The corresponding instruction is memorized by 
ROM4 ( drawing 1 ) of a microcontroller 1 ( drawing 1 ). 
[0028] The semantics of various Brock of this flow chart is explained below. 
Box Kl : A microprocessor 2 ( drawin g 1 ) waits for attainment of the demand to port I/O of a 
microprocessor 1 ( drawing 1 ), The contents of these demands are defined as document ISO/IEC 
7816-3 pubUshed in 1993, and 7816-4. ** also includes the field which has the field which shows the 
type of the instruction (loading of the public key to the file of a public key to which it was shown to 
EEPROM5 ( drawing 1 ), a signature, authentication, or verification of a signature) which should be 
executed, and data which should be processed among these. Acceptance of a demand advances a 
procedure to a box K2, 

[0029] Box K2: The test which can determine whether relate to the public key which loads an 
instruction. When it relates to a public key, a procedure goes to a box K3. When that is not right, it 
goes to a box K4. 

[0030] Box K3: The public key in an instruction data field memorizes to the file of a key to which it 
was shown to EEPROM5 ( drawing 1 ). Subsequently, a procedure retums to a box Kl . 
[0031] Box K4: The test which can determine whether relate to a signature instruction. When it 
relates to a signature instruction, a procedure progresses to box K5. When that is not right, it goes to 
a box K7. 

[0032] Box K5: The test of the structure of the message Mo which passed as a parameter of an 
instruction. When the most effective bit of 64 of Message Mo is in agreement with the pattern which 
was memorized to EEPROM5 ( drawin g 1 ) and which was defined beforehand, it relates to the 
"Taira" message which can sign without unjust risk (a signature instruction is not barred in order to 
perform an unjust decryption.). A procedure is continued with a box K6 after that. When that is not 
right, actuation is refused, an error message is transmitted to a terminal (it is a response message by 
which the field "a regulation" encoded by 2 bytes defines the type of an error, as defined as the 
quoted document in fact.), and a procedure retums to a box Kl after that. 
[0033] Box K6: Signature [several 6] Ms=(Mo)d Mod(n) 

The output of the message Ms ♦*****(ed) and signed. Subsequently, a procedure retums to a box 
Kl. 

[0034] Box K7: The test which can determine whether relate to a signature authentication 
instruction. When it relates to a signature authentication instruction, a procedure is continued with a 
box K8. When that is not right, a procedure goes to a box Kl 1 . 



http://www4.ipdl.ncipi.go.jp/cgi-bin/tran_web_cgi_ejje 5/3/2006 



.JP,07-287514,A [DETAILED DESCRIPTION] 



Page 4 of 7 



[0035] Box K8: Storage to RAM3 ( drawing 1 ) with the public key "e" used for reading the file of a 
key to which it was shown to the signed messages Ms and EEPROM5 ( drawing 1 ) which passed 
the instruction data field. 

[0036] Box K9: Message [several 7] Count of Mo*=(Ms) e Mod (n). 

[0037] a box — K ~ ten ~ : — a message — Mo — * — 64 — most — being effective — a bit — EEPROM 
— five ( drawing 1 ) — memorizing — having had — beforehand — giving a definition — having had — 
a pattern — comparing — things (box KlOl) — obtaining — having had — a message — Mo — ' — 
structure — verification . When not in agreement among these two, a display is outputted with a box 
K103 as a result of negation (this format is the same as a format of the error message of box KS.). 
When these are in agreement, while memorizing message Mo' to RAM3 ( drawin g 1 ), a display is 
outputted to a box K102 as a result of affirmation (if it is shown that there is no error of the 
'^regulation" field encoded by two octets and the "data" field is a request as this was also defined as 
the quoted document, it is a response message containing the attested message.). Subsequently, a 
procedure returns to a box Kl. 

[0038] Box Kl 1 : The test which can determine whether relate to a signature verification instruction. 
When it relates to a signature verification instruction, a procedure is continued with a box K12. 
When that is not right, a procedure goes to a box K13. 

[0039] Box K12: The comparison with the "Taira" message received by the instruction data field and 

message Mo' memorized by RAM3 ( drawing 1 ) (box K121). When these are the same, a display is 

outputted as a result of affirmation (box K122). When that is not right, a display is outputted as a 

result of negation (box K123). Subsequently, a procedure retums to a box Kl. 

[0040] Box K13: Processing of an instruction of other types which are not within the limits of this 

invention, therefore are not indicated here. Subsequently, a procedure retums to a box Kl. 

[0041] The 1st example which has the advantage of being very easy is related when the identity of 

coincidence is known. Therefore, the end use is [ as opposed to / especially / the predetermined 

application determined very good ] suitable. 

[0042] According to the 2nd example by this invention, a compressibility function is applied to all 
the messages before a signature. Such a function is reference "Comment utiliser les fonctions de 
condensation dans la protection des donnees" published at the time of the SECURICOM seminar 
which there is a date on March 15, 1988 and was held in Pans in 1988. It is indicated. The main 
properties of such a fiinction cannot find in fact another message which gives the irreversible and 
same result. 

[0043] Drawing 4 shows the flow chart of actuation of the 2nd example of the message signature 

system activation equipment by this invention. The corresponding instruction is memorized by 

ROM4 ( drawing 1 ) of a microcontroller 1 ( drawing 1 ). 

[0044] The semantics of various Brock of this flow chart is explained below. 

Box K21 : A microprocessor 2 ( drawing 1 ) waits for attainment of a demand of port I/O of a 

microprocessor 1 ( drawin g 1 ). A procedure goes to a box K22 immediately after that. 

[0045] Box K22: The test which can determine whether relate to the public key which loads an 

instruction. When it relates to a public key, a procedure continues with a box K23. When that is not 

right, it goes to a box K24. 

[0046] Box K23: The public key which passed the instruction data field is memorized by the file of a 
key to which it was shown to EEPROM5 ( drawing 1 ). Subsequently, a procedure retums to a box 
K21. 

[0047] Box K24: The test which can determine whether relate to a signature instruction. When it 
relates to a signature instmction, a procedure continues with a box K25. When that is not right, a 
procedure goes to a box K28, 

[0048] Box K25: Application of the compressibility function to the message Mo which passed the 
instruction parameter and which should sign. 

[0049] Box K26: Message H (Mo) obtained by doing in this way is compressed. In this example, a 
RSA system processes a 512-bit fixed-length message. Therefore, it is necessary to supplement with 
message H (Mo) by adding the pattern Z beforehand defined in order to increase the die length of a 
message to 512 bits (EEPROM5 ( drawing 1 ) memorized). Therefore, the message obtained is 
[Equation 8]. {M'=H(Mo)| |Z} 
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It becomes (notation 1 1 shows compression actuation here.). 
[0050] Box K27: Signature [several 9] Ms=(MOd Mod(n) 

The output of the message Ms ♦*****(ed) and signed. Subsequently, a procedure returns to a box 
Kl. 

[0051] Box K28: The test which can determine whether relate to a signature authentication 
instruction. When it relates to a signature authentication instruction, a procedure continues with a 
box K29. When that is not right, a procedure goes to a box K32. 

[0052] Box K29: Storage to RAMS ( drawing 1 ) with the public key "e" which was read to the file 
of a key to which it was shown to the signature messages Ms and EEPR0M5 ( drawing 1 R> 1) 
which passed the instruction data field and which should be used. Box K30: Message [several 10] 
M"=(Ms)e Mod(n) 

****** [0053] Box K31: Verification of the structure of the obtained message (box K31 1). This 
message is configuration X|. It is necessary to have |Z. Let Z be the pattem which was memorized to 
EEPROM5 ( drawin g 1 ) and which was defined beforehand here. When a message does not have 
configuration X||Z, a display is outputted as a result of negation (box K313). Otherwise, while 
memorizing Message X to RAM3 ( drawing 1 ), a display is outputted as a result of affirmation (box 
K312). Subsequently, a procedure returns to a box Kl. This authentication is the 1st check which 
checks that it is the message effectively signed with the private key with which the message Ms 
which passed as a parameter is equivalent to a public key "e." 

[0054] Box K32: The test which can determine whether relate to a signature verification instruction. 
When it relates to a signature verification instruction, a procedure is continued with a box K33. 
When that is not right, a procedure goes to a box K34. 

[0055] Box K33: A compressibility function H compares the "Taira" message received by the 
instruction data field applied first with the message memorized by RAM3 ( drawin g 1 ) (box K331). 
When these are the same, a display is outputted as a result of affirmation (box K332). When that is 
not right, a display is outputted as a result of negation (box K333). Subsequently, a procedure returns 
to a box Kl. 

[0056] Box K34: Processing of an instruction of another type which is not indicated here therefore it 
is not within the limits of this invention. Subsequently, a procedure returns to a box Kl . 
[0057] Though the 1st example obtains a completely satisfactory result, there is often the need of 
having the strengthening protection which can be used. Such strengthening protection is obtained 
especially about a signature in this 2nd example. The reason is that strengthening protection uses a 
compressibility function. Another advantage that the starting point of the public key which should be 
used in order to use a public key (it defined as the advice X509 of CCITT) assay concept and to 
attest the signed message can be proved also has this strengthening protection. 

[0058] All the users A that own the message signature system activation equipment by this invention 
are actually the public key assay CA which EEPROM5 ( drawing 1 ) memorized and was signed by 
the authorization AS of a system so that it might explain below. And open parameter PPA It can use. 

[Equation 1 IJ 

Ca « [H(PPa)] Mod(nAs) 

In this case, [Equation 12] 
PPa - Wa II Ca I ValA II Ha II ... 

It carries out (here, PPA is made into User's A open parameter, H is made into a compressibility 
fiinction, IdA is made into User's A identifier, ValA is made into the date of the effectiveness User's 
A public key eA, and - shows other parameters in the case of the ability to take into consideration, 
makes nA and nAS User A and the modulo of Authorization AS, and uses dAS as the private key of 
Authorization AS.). 

[0059] Therefore, when sending by express the message by which User A was signed to User B, 
User A is the open parameter PPA at the time of User's A Taira writing. And public key 
authentication CA It transmits. In this case. User B is User's A public key authentication CA by 
performing the following procedures. It can attest. 



http://www4.ipdl.ncipi.go.jp/cgi-bin/tran_web_cgi_ejje 5/3/2006 



JP,07-287514,A [DETAILED DESCRIPTION] 



Page 6 of 7 



[0060] Open parameter PPA of a compressibility function H Application. 

[Equation 13] 

T = C^^ Mod(nAs) 

****** (let eAS be the public key of the authorization AS which can use equipment for insurance 
here.). The comparison with the obtained messages T and H (PPA). When in agreement, it is User's 
A public key eA. And modulo nA They are these public keys eA to authentication of the message 
which it was attested, and was signed as User B already explained. And modulo nA It can be used. 
[0061] This approach of attesting the public key of the user A by User B is the public key assay CA 
about the above-mentioned signature authentication function in fact. While applying, it is the open 
parameter PPA about the above-mentioned signature assay function. It consists of applying. 
[0062] Therefore, in this 2nd example of the message signature system activation equipment by this 
invention, it also has another advantage that authentication of a signature and authentication of a 
user's public key before verification are verifiable. 

[0063] In the another example, a decode function can be attested only to a predetermined user. For 
this reason, it is enough just to relate each private key to the use standard of the decode limited to the 
predetermined user. 

[0064] Before testing the structure of the obtained message to the 1st example, the structure of the 
message which tested the valuie of this use standard to the box KIO, therefore was obtained is 
verified only when decode actuation is forbidden. 

[0065] To the 2nd example, a decode instruction is arranged in a box K34, and said instruction is 
executed after the test of the property of the use standard of the private key contained in the private 
key file ofEEPROMS. 

[0066] Drawing 5 shows a data switched system equipped with two chip cards A and B, and forms 
the message signature system activation equipments Al and Bl by this invention in each of these 
chip cards. Each holder of these two chip cards communicates through a terminal CI. 
[0067] A health system is mentioned as an actual example of application of such a system. A 
patient's individual card is made into a chip card A, the individual card of a special medical 
examination of health to a patient's file is formed by the chip card B, and information interchange is 
performed through the terminal CI with which a doctor's premise has been arranged. 
[0068] In Table 1, it is between [ of these three ] components, namely, the example of the exchange 
protocol to the 2nd example of the message signature system activation equipment by this invention 
is shown (II, 12, 13, and 14 are considered as a display as a result of the affirmation sent by express to 
the terminal CI with each card B after actuation, or negation.). 
[Table 1] 
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[0069] It is clear that the above-mentioned example can be changed within the limits of this 
invention. 

[Translation done.] 
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JPO and NCIPI are not responsible £or any 
damages caused by the use o£ this translation. 
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CLAIMS 



[Claim(s)] 

[Claim 1] It is message signature system activation equipment characterized by to have a means to 
by_which said message signature system activation equipment forbids the message encryption and 
the decryption function of a RS A type system of arbitration in the message signature system 
activation equipment which performs the signature authentication function to the message signed 
[ on which were signed and it message-signature-functioned ] according to the RSA type protected 
data switching system. 

[Claim 2] Said message signature system activation equipment is message signature system 
activation equipment according to claim 1 characterized by having the structure beforehand 
determined according to the message of arbitration with the need of assembling, and a means to 
forbid the signature of the message according to said structure while comparing each message (Mo) 
which should be signed. 

[Claim 3] Said message signature system activation equipment is message signature system 
activation equipment according to claim 2 which outputs a display as a result of affirmation when 
these two are in agreement, and is characterized by to have the means which can output a display as 
a result of negation when not in agreement while comparing the obtained message (Mo') with said 
structure, after attesting the signature of the signed message (Ms). 

[Claim 4] Said message signature system activation equipment is message signature system 
activation equipment according to claim 1 characterized by having a means to apply a 
compressibility function (H) to all messages (Mo) before a signature, and to output the message (Ms) 
subsequently compressed and signed, and to output the "Taira" message (Mo) in being required. 
[Claim 5] The compressed message which is obtained after said message signature system activation 
equipment attests the signature of said message (Ms) compressed and signed (X), While said 
compressibility function (H) compares the output "Taira" message (Mo) applied first Message 
signature system activation equipment according to claim 4 characterized by having the means 
which outputs a display as a result of affirmation when these two are in agreement, and can output a 
display as a result of negation when not in agreement, 

[Claim 6] Message signature system activation equipment according to claim 5 characterized by 
performing a public key assay (CA) concept and a open parameter (PPA), and attesting the received 
public key (eA and nA) using the means of the preceding clause. 

[Claim 7] Message signature system activation equipment given in any 1 term of the claims 1-6 
characterized by enabling it to permit a decode function to a number of users which the use standard 

was related to each private key, and were limited. 

[Claim 8] It is the chip card characterized by said chip card equipping any 1 term of the claims 1-7 
with the message signature system activation equipment of a publication in the chip card using a 
RSA type protected data switching system. 



[Translation done.] 
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VO 
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1 ] R S A^^ycOSS-r-^S^i/XxA 

[If ^« 2 1 tm:^ y "t-i^m^i/XT-hmmm 

*E 1 y •fe'--:^^«i/XxA||fT«B6 

Ca«^3l lUa^y-b— ;^g«i^Xxi^||(T«H 
(i. gS^n/cy^y-fe-S^ (Ms) Ogi&J&KSELfc 

■r2.iS*a2Ee©;)<^y'fe--5;g«i/X'rA||fT«ao • 
tt. S«fi9Ji:aE«Bia (H) 3&^TO><*y-b-i^ (M 

(Ms) ^ffi:fju igss^ii^icti r^j >(^7-fe->^ 

(Mo) ^ffi*-rs¥a^^^i5cfcj&«$ai:^<5K« 

^ 1 fBKOp< -fe-v^W^-^X-r AHfrSSo 
[iS*JK53 Siffi>«^y4r--:^g*v/Xxi^||fT«B 
tt. mHeff«35)^oS«^nrcp«*yt:-i^ (Ms) OS* 
3&ffi8iEL/cl|. ^^nSflE«f^n/c;^^y-tr-i^ (X) 3o 
t. fi9f2EteHa (H): A^gfikiaffl^ n/cttl:fj T^J 
^sy^^^j (Mo) fcJ&Jt«H-§fcht,k:. cn^ro 

c l:^1$tSfc-r5fS«3S 4 iB«0;?< ^y -t 

--i^S^e/XrAllfT^So 

(ca ) «;gaitf»e8/^^^"^ (ppa ) fkmiu 

^mzntc'm& (e* . n* ) ^VSmr^^r>\chtc 

1 5 J: -5 tc urcc i:;&1$jai:^«»ei«^ 1 6 (D^ 
<Oi^-rti*^ 1 JStEKO;^ yfe-i^SSi/XxAHfrSS . 

fie 

[Sa*JK8] R S A^^l/^Dffiffi-r-^^gg^VXxA 

fi. SI«JBl*^S7(D9^<0l^'fn/)>lfflJci2e<0^»y 
-t-5^SSS/XrASIffSE*ail5c^^1fai:'rs so 



^y:/;0-Ko 
[000 1] 

-^JfJJf^i^XxJUtct/^oTp^ y-t-e/'^^tlggRD^g* 
^nrcpt -y •lr-$^tcJ^*rsgSKi[fflfi6^^fTl-S>^ »y 

[0 0 0 2] *^W^i^$^^:^'y:r*-H:&ffiv^5B^Ji 

[0 0 0 3] ^/c*3?W(i. RSA^5r^:/<0RSIx-t$r 

5gis/xxix^ftjffl-r« t %>\cm 1 ST-Kwurc/ »y 

[0004] 

[{*«<OS»fi] R S A«Sr-^3fiSi>'X-rA«. U-^ 
X h. i^-^ ^7RC;x-< F;l/vyo*T 1 9 7 8^tC* 
S1$fffflafflS»4405829 ^tcra*«nri>i5o Ctltts 

rocoi^SS: Rt; •'q" <D©-e^S:*c^3S:a "n" 

l^So «7D^y^M(i. 
[fil] C=M« Mod (n) 

TMod (n) tiSftf^^&^i/'aD "n" XVx^Ct^Tr^ 

[82] C Mod (n) =M««Mod (n) =M 

tftSje-dMod Kp-l) (q-l)J=l 

[a4] S=M'* Mod (n) 

[85] S» Mod (n) =M**Mod (n) =M 
[0 0 0 5] ^^yy;?7--K*^«k:jlt^b/c:S4-e 
tt. «S»^Klftft*«l«fU*3b^ei«8a«^i/Xf A 

(WRtfRS A^-r:/o^^i/xxA) ^^finxhm 

S-r§ct*^T^^o ^<<0@-ett. EDI ir-^m 

mm . B^iia.e/xf-A. fflfr^/xxA. @jKi/x 
[0 0 0 6] ffli^e^ns^^v^x-rA^b^ tMsaoffiffl 

*^l?t*v>ti>'3]S«T»:^^$/XrATfc5ti^. c 



i 



[0 0 0 7] L/c*^oT. 7p«»J;^^ST*)^teA^^i6 
en/cD S S i^XxAXti 1 9 8 

7^1 1^7 Bicamtsnrcy^yx^mmmm?S262o 

[0008] 

[^^/j^i^S^bct^i:^"^^®] UiPL:^*^6> RSA 

[0 0 0 9] LfcA^-:>T*^(Oa»tt> ^*y:/*-H 
[00 103 

[0 0 1 1] *SIWtcJ:S;^'yt— :^^^5^X'rixl|ff 
[0 0 1 2] U/c*^oT. ^iEIC^O. WJajQ:^^^^^^ 
[0 0 13] ^^tc. *^We:.fc5:/*ytr— :^gS>/X 

[00 14] L/c*^oT. CCDct9«:^mgEmiJ:(iP» 40 
[0 0 15] *RWJcJ:S;<»y-lr-5?g-€i/X-rAllfir 
[0 0 1 6] LrcM-:>rffl^afi61:LTOS«afi6(0^ so 
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[0 0 17] ^e»tc> :^^micX^)^yt-i^m^->7. 

TL^mnrnm^i. com-^&xicit. it^iaEteAozs. 

[0 0 18] bfc^^oTs C©J:9«:SStti£0»SS 
[00 I 91 

[^09] *5£WU:J:Sp«y-b-i^S*e^XrAllfiS6 

"7. m(f7w'i;*y:/xa<D83C852fcS':5i^Tll»r 
§o 0lk:^^cto@cD^-<^nnyhn— ^13^^ v 
>r^ci:/'D-fey'9-2^. RAMSi:. «fk:*SW«aB . 
■r5»f¥**«:^trR,0M4fc. *-K<0»ra». -r- 

iatSt-^ E E P R 0 M 5 i:icS•:5^/^Tffl*r5o cov 

•5Kifrffl«0giI¥S©6h. v^^onyhn-^ lOA 

i:*>6t,8lfig;3?tiSo v-f^npyhD-vlOfi9l^ 

[0 0 2 0] v>r^n:/a-b*y'9-2*. ^^^uuyV 
u-^\<OKt\^; C. Vr . Vddlcfeft^tSo A* 

R^. v^iJ^nyn-t^ylf 2<0|ISJfl^fb^^^S#rs 

[00 2 1] ^(O^X(OWSi^. ^mi^tcyr^^uny 

[0 0 2 2] H2lCg^-ril:5lC. EEPR0M5<D#x 
— ^77'Y;VF1. F2. , FntcWUT. R0M4 
(i. EEPR0M5CD7r>r;l/«RtfC<D77-r/WcM 
a'r««l?J<0^-f:^D 1, D2. . Dn^Wt-^l^i^ 
X^^. EEPR0M5OCO7r-r/l'JC«'r5#'r> 
^t^ax.§o Lfc*^oT. EEPROMSCOt^^'^ 

a-fe:y1^2 (01) tCx-^'J&jiji^-y:5i&gA^««o 
[0 0 2 3] mff. E EPROMSfi. KBfCjM^ 
ns l^a<D7 r V t/KSolgfea^^ 57 r-f 

tiff. ^fyznrcU(r>yr^A^\t. 
^T^-^f'^or^-txj&Kifi'r^iif'j^^rrso 



(4) 1*r^¥7-2 8 7 5 I 4 

5 6 

[002 4] COct^^EEPROMOffliiJCctO. S ^n^l^o ) o ^XK 6 Tfil^^tl 

ittcietg^n/ctg^^^iSf ^^T'^i^ii^. SifWi§ie^n. x^-p(^;;-tr- 

[0 0 2 5] *liW(cj;Spi^>-t-yss^/xxAii?T '>'*^«a*fcHiii5n (^-tifiUJ^tcci, ^iffi^n/c:^:© 

LTl$^<0ffl«:l«Oj:5fcil^L/c (RSA->XxAT* [0 0 3 3] 5^»y^^XK6 

^m'^t\^^^^'t-t/<0:K^-^^. :^mvit5 1 2ir^y [86] Ms = (Mo) Mod (n) 

h{cmL<t^o ) o 6 4CDW^II?n/clf *y hfiE OtfS^&Cf^S^n/cp^ y-fe-i^M s Offi^o ^V>T\ 

m-t^fMc^ mwmt^mi^. m^^f "o o o- . [0034] :r>y^xK7 : s^BH^fcgiat**^ 

r. **oioi or*^EEPROM5t s*^ofts^-rsci:*^T*^$7^xho ssgn^^t 

[0 0 2 61 Li)^LWP>. m^ii^y'{i-iyrtiit>'^ -es&V^ii^. *iK3b<#y ^XK 1 1 icMtTo 
7^y\^-i^(Om&(0^^:^ni^mm^'^'rctKX^. [0035] sJ^^^XKB :#^x-^7-<~;l/K^5i 

Sp<^;,ir-^^Mofcffi»J(07i:g«:®<J:^(C3g^*r^p aLfcS«;jnfc;?^ y-b->^Ms i:. EE PROMS 

CO 0 2 7] 03 (±. *«WtcJ:S^ryb-s^g«s/X (0 1 ) oRrt^n/c8i<D:7r>r;l/J&K*ffi-r<OK:fflv^ 

y'L.mtj&mom 1 lljS09iOaf^<D7o-^-V- h^g^ ^^gga " e - i:OR a M S (Hi) -\<omBL 
to Mf&t^^it. v-f ^/navhD-^ i (01) [0 0 3 6] i^y^XK 9 

(0R0M4 (01) fcEfi^tlTV^So 20 [87] Mo' = (Ms) • Mod (n) Ottgo 

[0 0 2 8] C(Oyu-^^—h(Om^(Oyuy^<OM [0 0 3 7] t*y^XK I 0 : ?^y't--:^Mo' 06 4 

ift^iXTUi^'r OS fe^a^S: iryhi:EEPR0M5 (01) JcKtg? 

4?y^XKl : v^^nyn-tr^ylfZ (01) ttv^i^ tifc^a^SH^nfc/^^-^fcJ&itKf 5 (4Cy^XK 

nyn-b^y+M (Si) O^K-h I /O-\(7)|g*(0fiM 10 1) Ct{c^On^nrc:^y't-i^Mo' <om^(0 

rc K4^a><>HS0/IEC 7816-3ZS:tf78I6-4JC^e$nT ^^4?^ ^XK 1 0 SJCTW^J-TS (i:o[)7*-Ty K - 

V^So cn^OrtSti. Hfrt*^^ (EE PROMS fi/l^y ^XK 50x^-pC v^y Hi:!^ 

(01) (om^-^nrci^mmcoyr^fw kbex -r-fc^o ) □ cti^ti^-scr^m^. ^^-^i-i^M 

{mfi<0mL^<0'MmOU-^) ^(0^^:/:^^t o* «:RAM3 (01) JCigtSf Sfcfc t^fc^^Oig* 
7^'-;kKS:C;iaS*r^ex-^^#t^7-Y-^;l/Ffe » g^^4->^y^XK i 0 Zfctti^j-rs (cnt>. 5lffl^n 

[0 0 2 9] 4^>y^XK2 : ^^^n~ K-T^i^g^aiC 7><-;l/F*<mii*&ffiIS^n/c^y'tr~>^^# 

Maf$*^5*^coftS*fT9<ii:*^T*tS*rXho 'j^m trlSS^ty-lr-i^T^feSp ) o :»:i>T\ ¥«{±2j-;y^^X 

J&V^ii^. 4^'y^XK4JCJitfo [0 0 3 8] ^J^-y^XK 1 1 :^««^iE^^{C&i]i-rS 

[0 0 3 0] 4^y^XK 3 : ^*x-^7^-;l/F*0 ;()>SA^<DSi^^ff 9Ci:;b^T*^Sf-X K «4fi^SE6r^ 

Ijraa*^ EEPR0M5 (01) <D|grt^tlfca<07 {cMiif SJi^. ^XK 1 2 vtmt^o ^ • 

5o 40 [00.3 9] 5|?y^XK 1 2 :d^x-^7-<'-;l/Kk: 

[0 0 3 1 ] ^XK 4 : g«#^lci03i-r^;&^g*> SM^nfc F^J ;>« y-fe-i^i:. R AM 3 (0 1 )Mc|2 

O^^ff^CltA^TtSxXho ^S^^fC&Oa-r-S te^tlfcj/y-fe— :^Mo* i:<OltK (:^^y^XK 1 2 

ii^. ¥«lfi4?*y^XKSlCaitfo ^^-C^V^ig^U: l) o cne»*^lR|-TfeSii^. ^^Oi^mS/^*^** 
{i. #y^XK7tc:jitro (4?y^XK 1 2 2) o ^9T*^(.>ig^. SSO 

[0 0 3 2] 4^y^XK5 :^^(0/^77«-:5ri:LT3i SSg/TxAm^nS (4?*yi^XKl 2 3)o *»/^T\ 

SL/fcpty^— :;Moo«ig<0'f XK p<»y^:-i;Mo $^)b^:^?y^XK i jc^So 

<06 4<D®t,#a35:i;y hjb^ EE PROMS (01) [0 0 4 0] #y ^XK 1 3 : *^^cOl5HrtT-ttJS: 



(5) 



m^¥7-2H7 5 I 4 



[0 0 4 2] :^^m\c^^m2mm\^^tiii. esm 
^orsmmi. 1 9 88^3^1 5soa(Wfeo. i 

9 8 8*te:>'<'J Tgflffi^n/cS EC UR I COM-tr^:f 
— OWpte:fflKS^nrcS:Slt"Coinment utlllser les fonctl 
ons de condensation dans la protection des donnee 

[0.0 4 3] 04tt. *«W«cJt^^^y-lr--:^S«$/X 

-To w^s-rs^^fi. v-r^o3>hn-5i mi) 

OR0M4 (01) k:i2te^nTV>5o 
[0 0 4 4] C<D7D~^'V— hoa4rO:/n^^Oig 

4'vy^XK2 1 :T><^p:/a-t'y'9-2 (HI) ttv^T 
^D:/n-by1fl (HI) O*-H/0<0S*Oi!l]i ». 
^^^o ^O^^^Jb^-rCtC^-t-y^XK 2 2JCiitro 
[0 0 4 5] 3j^y^XK2 2 :d^^n-F-r«^g8a 

[0 0 4 6] s^*y^^XK2 3 : d*r-^7-<-;l/F:fe 

iij§Lrci.^r*aa*^ ee proms (Hi)o^F^^n 
K 2 1 \cm^o 

[0 0 4 7] 4<'y^XK2 4 : S«^^lcii3i-r^:6>5 30 

§ig^. ^8!A^5j?y^XK2 5'^iK-r^o 

*lK*^^*y^XK2 8(c8tro 
[0 0 4 8] 2}^»y^XK2 5 :d^/^5>«-:5?^jSaL 

[0 0 4 9] 2^*;'^XK2 6 : C<DJ:9*cLT^e»nrc 
>c»yHr-i;H (Mo) t^m&iiti^o *ffyT*{i. RSA 

->X'rA{±5 1 2vf*y ^^oa^gioy*y•fe->^^^as■r 
■^•r/ci6lC. (EE PROM 5 (HI) «c|2e? ^ 
^y-b-s;H (Mo) ^rffiS-r^iSSjb^fcSo LfcJb^o 

[fi8] <M* =H (Mo) I I Z) 
fc)S:5 (CCTfB^ I I ttffiBaftf¥3&*^o ) o 
[00 50] 4^»;^^XK2 7 
[89] Ms= (M* ) " Mod (n) 

[0 0 5 1] 3i<»y^XK2 8 raSEKd^tclSffi-rs 50 



tceaa-rsii^. ¥«g*^:d<^)'^xK2 9T*«a-r-6o ^ 

[0 0 5 2] 4?y^XK2 9 :^^T-^7-<- ;UH^ 
iijaLrc^S:?<*;'-b-S^Msi:. EEPR0M5 (H 

^^t^^B§a*'e" i:ORAM3 (Hi) ^Oga, 

[gl 0] M** = (Ms) • Mod (n) 

mn 

[0 0 5 3] ^y^XKSl : ^^tifc^ y-lr-S^<0« 
jgO«IH (4?y^XK3 11)0 C(0/*y-b~$;fi. 
«X I I Z^mt^i^if^h^o CCTZ*. EEP 
ROMS (HI) lcEieLfc^J6^e$nrc/<^r-yfc 
•rSo ;^*y-e-^^;5^Jg«X I I Z^WbJ&v^li^. 
<Ote«^*m^n$ (3|?yi^XK3 1 3) o ^%>rji 

ttntf. >«y-b— :^X3&RAM3 (HI) tcffifirrsfc 

2) « *1>T\ ^Sctf^y^XK ItMSo COSa . 
/<7;«-^fcbT3ffiaLfc><*yb—::^MsA<4iHa 

"e" tcfflst-sii^atJzoT^fcws^nrc^'y 

[0 0 5 4] 4?^y^XK3 2 :S«ttlE^k:fflat« 

tcMjg^^li^. ¥m^^y^XK3 3T*«li^-r^o ^ 
9 -eJ&l^ii^^ ^X K 3 4 \mt5o 

[0 0 5 5] 2}<^y^XK3 3 : BEiSmH^^^ataffl 

RAM 3 (HI) Jcl3t6$nfc;«*y-b-s^fcJ& 

ittt-r^s (4^*y^xK3 3 1) o cti^tm-^h^^ 

^^OiB^S^^rUA-rS (3j?*y;7XK3 3 2) o 

K 3 3 3) o ¥^;«)^3}<*y ^XK 1 iC^So 

[0 0 5 6] spy ^XK3 4 : ^^cOffiHrt-CftlV 

So *V^T\ ?^*^4<*y^XK 1 (cM^o 
[0 0 5 7] ^ l llfiSMA^^±JC?S£^tSII^<f 

So COJ:3&a{keilM:Com2llJSMTif<cg*K: 

mt^ii^^x^h^^ ciommmts (ccm <di&^x5 

^^EWr S c S $ i: i> 3 »»J<0*J^ fc^So 
[0 0 5 81 mSJc. 2HSa«»c<fcS;»«y-b-$^S«->X 
-rAHfrSS^rm^-rs^^i^Sffiffi^A^i. WTHW 
-rScfc^fc, EEPR0M5 (HI) tcEte^tU 5^X 

Ti.<DflFarAs«c^oT8«*nfci;^Baatt£CA Rtf 
[&1 1] 



<6) 
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Ca = (H(PPa)1 ^ Mod(nAs) 

[ftl 21 

PPa - Ma II «A II ValA I HA II ... 

tt^ (CCT\ PPa ^ffiffl^AO^^/^^;)^-^^^ 

Va U «:ffifflSA<04u^M»eA <D«5Stt<DB{*fc 

^Ls HA &jC;nAs^ffiffi^ARtfflPRjAS<D^i^jtn 

dAsJ&PfRTASOlMSafctSo ) « 
[0 0 5 9] Lfcti^-yX. m^Af)\ m^^tlTc^y 

CO 0 6 0] EEI80§aHO»ra/<7>«-^.PPA '\c[)38 
Cftl3] 

T = C^*^ ModdiAs) 

(OWrn dccve^^. S^g«r^±U:f(JffiT?*5ffprA 

Pa ) t<oit^o -m-^^s mm^A(o{ikmmeK 

RXf^i^jLUxiK A^ffiSE^tix ffiffl^Btt. rocKWL 

^.^p^acA at/^i^'iPnA ^<£ffl-rss:.b*^T*t-5o 

[0 0 6 1] ^^$Blc<}:^Mffi#A<0^^gi»^KSE'r 

pc-^ P Pa taffl-rsc: i:Jb>S35:5o 
[0 0 6 2] b/c:6^oT*%^k:<J;S^^yb— 

[0 0 6 3] mmmmxit. ^mmm^(om^ 

[0 0 6 4] ^l||JSei{C«LT(i:. enfc>« y-tr- 

[0 0 6 5] ^2iyfieilC^^bTfi. 4^»;/^XK3 4tC 
m^^^^Sm EEPR0M5 0»SBa7 7 ^;l/ic 

[0 0 6 6] 05(i. -0<0^»;/>^/7~KARt;BJgra 



40 



10 

?fgSA 1 25^tf B 1 ^mf^o cnenocD^^yy^- 
[0 0 6 7] C(OX^ rj:i/7.7'L.(0mfSi<0mmmtLX 

[0 0 6 8] ^\\cto\,^x. cneH-ptD^^^Ox -r 

12. I 3Rtf I 4^. «^iMmA-FB«e:J:OS*C 
[Si] 

»-KA «*C1 *-.KB 

BSC. 

I tfUEPP* 

I itH «EM.A 
S^I 3 
I3«< BKM.. 

CO 0 6 9] *SW<0«SBrtT'±iBII«fifflIOgS%fTP 



[01] *«B8lc*5><>yb-i^a«->;:^r/»llf7SE 
CB 2 ] *5EW(c J: 5 ;?t ^-VmZ UT^T-U^^mS. 



i 



(7) 
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[03] ^^QgiCct^T^'y-b-i^'^Si^Xf-AUffS® 8 

(OS 1 mmm<ommyu-'^^-hv$>^o a. 

[0 4] :^^m\c^^^y'ki-i^m^i^:^7'i.mvii&m a i 

corn 2 nmmo)«}my d-^-v - h v&^o c . 

[05] *aQ«k:<fc:5P«'yfe-i^gSi/X-rixlHtS@ D 1 

^M:^^^y:/i3-y^mmmc7rctmv&^^ fi 

[??F§<OittM] K 1 

1 T^^anyhn— 7 9. 

2 v-r^n>/^uir»y'9- 2. 

3 RAM 10 8. 

4 ROM 4. 

5 EEPROM 2. 

6 mm 1* 

7 aw^.— y h 



B ^-yy^-F 

. Bl p« 'ytr->^^^i/XxA||?T«S 
I/O. R. Vdd, Vr A:^J 
. D2. Dn flifij 
, F 2, F n 

, K2, K3. K4. K5. K6. K7. K8, K 
K 1 0. K 1 1. K 1 2. K 1 3. K2 1. K2 
K23. K24. K25. K26. K27. K2 
K29. K30. K31. K32. K33, K3 
KlOl. K102. K103. K121. K12 
K123. K311. K312, K313. K33 
K332. K333 ^fi 
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ROM 
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